Description:
Multiple vulnerabilities were reported in Windows Kernel. A local user can obtain potentially sensitive information. A local user can obtain elevated privileges on the target system. A local user can bypass security restrictions.

A local user can run a specially crafted application to trigger an object memory handling error in the Windows kernel-mode driver and execute arbitrary code on the target system with elevated privileges [CVE-2017-8689, CVE-2017-8694].

A local user can bypass Device Guard security controls to inject code into a trusted PowerShell process and bypass the Device Guard Code Integrity policy on the target system [CVE-2017-8715, CVE-2017-11823].

A local user can run a specially crafted application to trigger an object memory handling error to obtain potentially sensitive information on the target system [CVE-2017-11765].

A local user can run a specially crafted application to trigger a flaw in processing Advanced Local Procedure Calls (ALPCs) to execute arbitrary code with local system privileges [CVE-2017-11783].

A local user can run a specially crafted application to obtain potentially sensitive information and bypass Kernel Address Space Layout Randomization (ASLR) on the target system [CVE-2017-11784, CVE-2017-11785].

A local user can run a specially crafted application to trigger an object memory handling error and obtain potentially sensitive information on the target system [CVE-2017-11814, CVE-2017-11817].

A local user can exploit a flaw in Microsoft Windows storage to bypass an integrity-level check and allow an application with a certain integrity level to execute code at a different integrity level [CVE-2017-11818].

A local user can create a specially crafted Delivery Optimization job to exploit a file share permissions flaw in the Windows Update Delivery Optimization to overwrite privileged files [CVE-2017-11829].